My approach is just the opposite. I've experienced very limited problems with Windows updates over the years that I just let my machine install them. The only exception to this is that I hold on service packs for awhile as well as Internet Explorer versions.
The way I think about it, these updates are critical for a reason. Now perhaps today I don't use the functionality that the patch corrects. But 3 or 4 months down the road, I may install an application which does require said functionality and I'm unsure that I would remember the critical patch from 4 months ago that I decided to not install that I now need. That's assuming I know exactly that functionality is being used by each and every application that is installed on my computer. If I don't know, I'm not entirely sure that I can successfully evaluate whether I really need a patch or not.
In addition, I also have run the WSUS (automatic update server) for a couple of different employees and it's rare that I decline or unapprove most updates. So, I'm often controlling the decision making for many different machines and I've rarely had any issues in approving and installing these updates.